Skip to content

Commit 99125fb

Browse files
AlteredCoderAlteredCoder
committed
update README
1 parent f1c0614 commit 99125fb

File tree

1 file changed

+15
-1
lines changed

1 file changed

+15
-1
lines changed

README.md

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,20 @@
55
## Overview
66
The CrowdSec Splunk app leverages the CrowdSec's CTI API's smoke endpoint which enables users to query an IP and receive enrichment
77

8+
9+
## Table of Contents
10+
- [Overview](#overview)
11+
- [Example Usage](#example-usage)
12+
- [Results](#results)
13+
- [Local Dump](#local-dump)
14+
- [Configuration file](#configuration-file)
15+
- [`api_key`](#api_key)
16+
- [`batching`](#batching)
17+
- [`batch_size`](#batch_size)
18+
- [`local_dump`](#local_dump)
19+
- [Profiles](#profiles)
20+
21+
822
## Example Usage
923

1024
The following command is used to run an IP check through the CrowdSec's CTI API's smoke endpoint. On the Homepage of Splunk Web Interface, select `Search & Reporting` and use the following command.
@@ -78,7 +92,7 @@ Lookup databases are download automatically every 24h.
7892

7993
## Profiles
8094

81-
Profiles are optional presets that automatically select a predefined set of CrowdSec output fields, so results stay consistent and you don’t have to manually maintain long fields= lists. You can still combine profile with fields to further restrict what is returned.
95+
Profiles are optional presets that automatically select a predefined set of CrowdSec output fields, so results stay consistent and you don’t have to manually maintain long `ipfield=` lists.
8296

8397
- `base`: returns `ip`, `reputation`, `confidence`, `as_num`, `as_name`, `location`, `classifications`.
8498

0 commit comments

Comments
 (0)